Journalctl Access for Non-Root Users – How to Enable

journalctl, journald

The journald documentation says that adding a user to the 'systemd-journal' group or the 'adm' group allows the user to access the system-wide journal.

I'm running the latest CentOS 7 and I seem to have a problem accessing the journal as a non-root user.

Here's my config:

$ id
uid=1000(centos) gid=1000(centos) groups=1000(centos),4(adm),10(wheel),190(systemd-journal) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

$ cat /etc/systemd/journald.conf
[Journal]
Storage=persistent

$ journalctl
-- Logs begin at Sat 2015-08-29 16:35:52 UTC, end at Sat 2015-08-29 17:28:47 UTC. --
Aug 29 16:35:52 hostname ... <log continues>

There are no system logs in journalctl output.
Here's my permissions config:

$ ll -a /var/log/journal/f9afeb75a5a382dce8269887a67fbf58/
total 24592
drwxr-xr-x. 2 root root     4096 Aug 29 16:35 .
drwxr-xr-x. 3 root root     4096 Aug 29 17:28 ..
-rw-r-----. 1 root root 16777216 Aug 29 17:27 system.journal
-rw-r-----+ 1 root root  8388608 Aug 29 17:33 user-1000.journal

If I change the ownership group of system.journal to systemd-journal, everything works fine. However, this does not seem right, since the documentation does not say anything about it.

Is there anything I'm missing or is it actually required to manually change the group of the system.journal file?

Thank you

Best Answer

The solution is to change group ownership and add a sticky bit to the parent folder before the .journal files are created.

chown :systemd-journal /var/log/journal/f9afeb75a5a382dce8269887a67fbf58
chmod g+s /var/log/journal/f9afeb75a5a382dce8269887a67fbf58
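
To confirm the change took effect, the following added example (not part of the original answer) audits a journal directory for the state the two commands above produce: the expected group on the directory, the `g+s` (setgid) bit, and group-readable `.journal` files. The function name `audit_journal_dir` is hypothetical, GNU `stat` is assumed, and POSIX ACLs are not inspected.

```shell
#!/usr/bin/env bash
# Added example (not from the original answer). audit_journal_dir is a
# hypothetical helper; it assumes GNU stat and does not inspect POSIX ACLs.
# Usage: audit_journal_dir DIR [GROUP]   returns 0 clean, 1 findings, 2 no dir
audit_journal_dir() {
    local dir="$1" group="${2:-systemd-journal}" rc=0 dgroup dmode f fgroup fmode

    if [ ! -d "$dir" ]; then
        echo "MISSING $dir is not a directory"
        return 2
    fi

    # The directory's group is what new journal files inherit.
    dgroup=$(stat -c %G "$dir")
    if [ "$dgroup" != "$group" ]; then
        echo "DIRGROUP $dir has group $dgroup, expected $group"
        rc=1
    fi

    # Inheritance only happens when the setgid bit (octal 2000) is set.
    dmode=$(stat -c %a "$dir")
    if [ $(( 0$dmode & 02000 )) -eq 0 ]; then
        echo "SETGID $dir mode $dmode lacks g+s"
        rc=1
    fi

    # Files created before the change keep their old group, so check each one
    # for the expected group and the group-read bit (octal 040).
    for f in "$dir"/*.journal; do
        [ -e "$f" ] || continue
        fgroup=$(stat -c %G "$f")
        fmode=$(stat -c %a "$f")
        if [ "$fgroup" != "$group" ] || [ $(( 0$fmode & 040 )) -eq 0 ]; then
            echo "FILE $f is $fgroup mode $fmode, not readable via group $group"
            rc=1
        fi
    done
    return "$rc"
}

# Run against a real journal directory when invoked with an argument.
if [ "$#" -gt 0 ]; then audit_journal_dir "$@"; fi
```

A `FILE` finding on `system.journal` after the directory itself passes means the file predates the change and still carries its old group.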